Context
In crates/zeph-tools/src/audit.rs, AuditLogger::log() silently drops audit entries when serde serialization fails (lines 89-91). No tracing::error! is emitted.
Impact
In production, a broken AuditEntry serialization would silently disappear from the JSONL audit log with no indication. This is a compliance gap — audit logs must be complete.
Fix
Replace the silent drop with a tracing::error!("audit entry serialization failed: {err}") so failures are observable in logs.
Related
Context
In
crates/zeph-tools/src/audit.rs,AuditLogger::log()silently drops audit entries when serde serialization fails (lines 89-91). Notracing::error!is emitted.Impact
In production, a broken
AuditEntryserialization would silently disappear from the JSONL audit log with no indication. This is a compliance gap — audit logs must be complete.Fix
Replace the silent drop with a
tracing::error!("audit entry serialization failed: {err}")so failures are observable in logs.Related
cross_boundary_mcp_to_acpaudit field